Rename to accesscontrol.canonicalScopeString

2018-06-17 22:42:18 -07:00
parent 6a2dacb08a
commit b6b7d08af3
4 changed files with 14 additions and 12 deletions
@@ -21,17 +21,15 @@ exports = module.exports = {
    validateScopeString: validateScopeString,
    hasScopes: hasScopes,
    intersectScopes: intersectScopes,
-    canonicalScope: canonicalScope
+    canonicalScopeString: canonicalScopeString
 };

 var assert = require('assert'),
    debug = require('debug')('box:accesscontrol'),
    _ = require('underscore');

-function canonicalScope(scope) {
-    var scopes = scope.split(',');
-    scopes = scopes.map(function (s) { return s.replace(exports.SCOPE_ANY, exports.VALID_SCOPES.join(',')); });
-    return scopes.join(',');
+function canonicalScopeString(scope) {
+    return scope === exports.SCOPE_ANY ? exports.VALID_SCOPES.join(',') : scope;
 }

 function intersectScopes(allowedScopes, wantedScopes) {
@@ -253,7 +253,7 @@ function addTokenByUserId(clientId, userId, expiresAt, callback) {
        if (error) return callback(error);

        var token = tokendb.generateToken();
-        var scope = accesscontrol.canonicalScope(result.scope);
+        var scope = accesscontrol.canonicalScopeString(result.scope);

        tokendb.add(token, userId, result.id, expiresAt, scope, function (error) {
            if (error) return callback(new ClientsError(ClientsError.INTERNAL_ERROR, error));
@@ -97,7 +97,7 @@ function initialize() {

                var token = tokendb.generateToken();
                var expires = Date.now() + constants.DEFAULT_TOKEN_EXPIRATION;
-                var scope = accesscontrol.canonicalScope(client.scope);
+                var scope = accesscontrol.canonicalScopeString(client.scope);

                tokendb.add(token, authCode.userId, authCode.clientId, expires, scope, function (error) {
                    if (error) return callback(error);
@@ -116,7 +116,7 @@ function initialize() {

        var token = tokendb.generateToken();
        var expires = Date.now() + constants.DEFAULT_TOKEN_EXPIRATION;
-        var scope = accesscontrol.canonicalScope(client.scope);
+        var scope = accesscontrol.canonicalScopeString(client.scope);

        tokendb.add(token, user.id, client.id, expires, scope, function (error) {
            if (error) return callback(error);
@@ -10,13 +10,17 @@ var accesscontrol = require('../accesscontrol.js'),
    expect = require('expect.js');

 describe('access control', function () {
-    describe('canonicalScope', function () {
+    describe('canonicalScopeString', function () {
        it('only * scope', function () {
-            expect(accesscontrol.canonicalScope('*')).to.be(accesscontrol.VALID_SCOPES.join(','));
+            expect(accesscontrol.canonicalScopeString('*')).to.be(accesscontrol.VALID_SCOPES.join(','));
        });

-        it('* in the middle', function () {
-            expect(accesscontrol.canonicalScope('foo,bar,*')).to.be('foo,bar,' + accesscontrol.VALID_SCOPES.join(','));
+        it('identity for non-*', function () {
+            expect(accesscontrol.canonicalScopeString('foo,bar')).to.be('foo,bar');
+        });
+
+        it('* is not expanded otherwise', function () {
+            expect(accesscontrol.canonicalScopeString('foo,bar,*')).to.be('foo,bar,*');
        });
    });